Database Security: Access Control and Permissions

Most databases manage access using:

• Users – individual accounts
• Roles – groups of permissions
• Permissions – allowed actions

Permissions may include:

• Reading data
• Inserting new records
• Updating existing records
• Deleting records

By assigning users to roles, databases can be managed efficiently and securely.

Principle of Least Privilege

A key IB security concept is the principle of least privilege.

This principle states that:

• Users should be given only the access they need
• No more, no less

For example:

• A student may only view their own records
• A teacher may update grades
• An administrator may manage the entire database

Limiting access reduces the impact of mistakes or attacks.

Access Control and Data Integrity

Access control protects data integrity by:

• Preventing unauthorised changes
• Ensuring accountability
• Reducing accidental data loss

If only trusted users can modify data:

• Errors are less likely
• Changes can be tracked

This is especially important in systems such as:

• School databases
• Banking systems
• Medical records

Authentication vs Authorisation

IB students should distinguish between:

• Authentication – verifying who a user is
• Authorisation – determining what the user is allowed to do

Access control focuses mainly on authorisation, but both are required for secure systems.

Database Security in Real-World Systems

Access control is used in:

• School information systems
• Online platforms
• Business databases

Different users see different data depending on their role. This protects privacy and maintains system integrity.

Common Student Mistakes

Students often:

• Confuse access control with encryption
• Ignore role-based permissions
• Forget the principle of least privilege
• Describe security too vaguely

Clear cause-and-effect explanations earn higher marks.

How This Appears in IB Exams

IB exam questions may ask students to:

• Explain access control
• Justify permission restrictions
• Identify security risks
• Apply roles to a scenario

Justification is more important than definitions alone.

Final Thoughts

Access control and permissions are essential for protecting databases from misuse, mistakes, and attacks. By limiting what users can see and do, databases maintain security, accuracy, and trust.

Understanding how access control works allows IB Computer Science students to explain database security clearly and confidently — exactly what examiners expect.

Learn the differences between HDDs, SSDs, and NAS for IB Computer Science, including performance, cost, and use cases.